0.001 Low
EPSS
Percentile
49.8%
October CMS is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the input via the theme import function allowing an attacker with access to the backend to execute maliciously crafted PHP code.
github.com/octobercms/october/commit/167b592eed291ae1563c8fcc5b9b34a03a300f26
github.com/octobercms/october/security/advisories/GHSA-5hfj-r725-wpc4